package com.rem.shiro.eeShiro.my4Authorization;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.mgt.DefaultSecurityManager;
import org.apache.shiro.subject.Subject;

import java.util.Arrays;

/**
 * 自定义realm 认证
 *
 * @author Rem
 * @date 2021-04-03
 */

public class TestCustAuthenticate {

    public static void main(String[] args) {
        //1.创建安全管理器
        DefaultSecurityManager securityManager = new DefaultSecurityManager();
        //2.给安全管理器设置 自定义MD5realm
        CustRealm customerMD5Realm = new CustRealm();
        //默认密码匹配是equals  需要换凭证匹配器 换成md5匹配就完成了人认证
        HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher("md5");
        //添加散列次数
        hashedCredentialsMatcher.setHashIterations(1024);
        customerMD5Realm.setCredentialsMatcher(hashedCredentialsMatcher);
        securityManager.setRealm(customerMD5Realm);
        //3.给全局安全工具类 放入安全管理器
        SecurityUtils.setSecurityManager(securityManager);
        //4.subject主体
        Subject subject = SecurityUtils.getSubject();
        //5.创建令牌
        UsernamePasswordToken token = new UsernamePasswordToken("zhangsan", "123");
        //6.登陆认证

        //验证状态
        System.out.println("是否认证:" + subject.isAuthenticated());
        try {
            subject.login(token);
        } catch (UnknownAccountException e) {
            System.err.println("用户名错误");
            e.printStackTrace();
        } catch (IncorrectCredentialsException e) {
            System.err.println("密码错误");
            e.printStackTrace();
        }
        //验证状态
        System.out.println("是否认证:" + subject.isAuthenticated());

        //认证用户进行授权
        if (subject.isAuthenticated()) {
            //基于角色全选控制
            System.out.println("是否拥有该权限a:" + subject.hasRole("admin"));
            //基于多角色控制
            System.out.println("是否拥有多个权限b:" + subject.hasAllRoles(Arrays.asList("admin", "user", "root")));
            //是否拥有其中一个权限
            boolean[] booleans = subject.hasRoles(Arrays.asList("admin", "user", "super"));
            for (boolean aBoolean : booleans) {
                System.out.println("是否拥有其中一个权限c" + aBoolean);
            }

            //基于权限字符串的访问控制， 资源标识符：操作：资源类型
            System.out.println("============================================");

            //是否有哪些权限
            System.out.println("权限：" + subject.isPermitted("user:*:01"));
            System.out.println("权限：" + subject.isPermitted("product:update:02"));


            //分别具有哪些权限
            boolean[] permitted = subject.isPermitted("user:*:01", "user:*:01");
            for (boolean b : permitted) {
                System.out.println("权限one:"+b);
            }

            //是否同时具有哪些权限
            System.out.println("权限All：" + subject.isPermittedAll("user:*:01", "product:update:02"));

        }

    }
}
